Communications Support Forums
Mods, feel free to move this post. I saw there was a ton of locked posts in the console forum.
If you happen to put your MIP5000 Gateways on the public internet, then please do not be surprised when you get a nasty letter from the FBI that your MIP5000 Gateways are participating in DDOS attacks on Fortune 500 companies. It turns out there is an exploit in the NTP protocol. It is called an NTP Reflection Attack. We saw symptoms on the customer side of intermittent dropped audio, Gateways rebooting, very high bandwidth traffic loads, etc. I still cannot understand why they are on the public facing internet. It has been a long couple of weeks. FB
If you happen to put your MIP5000 Gateways on the public internet, then please do not be surprised when you get a nasty letter from the FBI that your MIP5000 Gateways are participating in DDOS attacks on Fortune 500 companies. It turns out there is an exploit in the NTP protocol. It is called an NTP Reflection Attack. We saw symptoms on the customer side of intermittent dropped audio, Gateways rebooting, very high bandwidth traffic loads, etc. I still cannot understand why they are on the public facing internet. It has been a long couple of weeks. FB